Control 2.12: Supervision and Oversight (FINRA Rule 3110)
- Control ID: 2.12
- Pillar: Management
- Regulatory Reference: FINRA Rule 3110, FINRA 4511, SEC 17a-4, SOX 302/404
- Governance Levels: Baseline / Recommended / Regulated
- Last UI Verified: February 2026
- Last Verified: 2026-02-03
Agent 365 Architecture Update
Entra Agent ID's sponsorship model provides enforced human accountability for agent lifecycle, aligning with FINRA 3110 supervision requirements. The three-role model (Owners, Sponsors, Managers) creates separation of duties where sponsors provide business oversight without technical modification rights. See Unified Agent Governance for sponsorship model configuration and FINRA 3110 alignment details.
Objective
Establish supervisory procedures for AI agent outputs aligned with FINRA Rule 3110 requirements, implementing human-in-the-loop (HITL) review, sampling protocols, and documented oversight. Zone 3 agents require HITL enabled with human review before customer responses are delivered.
Why This Matters for FSI
- FINRA Rule 3110: Requires written supervisory procedures (WSPs) for all business activities including AI-assisted communications. The FINRA 2026 Annual Oversight Report emphasizes that AI-assisted supervision tools require the same WSP rigor as human supervisory workflows, including documented escalation paths for AI-flagged exceptions.
- FINRA 4511: Supervision records must be maintained as books and records
- SEC 17a-4: Supervisory review documentation preserved for regulatory examination
- SOX 302/404: Management certification requires documented internal controls
Updated February 2026
FINRA 2026 oversight priorities highlight AI supervision as an examination focus area. Firms using AI for supervisory functions (trade surveillance, communication monitoring) must document how AI substitutes for or augments human supervision.
Control Description
This control establishes supervision through:
- Written Supervisory Procedures - Document WSPs for AI agent deployment and monitoring
- Human-in-the-Loop Configuration - Configure HITL requirements in Copilot Studio
- Sampling Protocols - Define statistical sampling for output review
- Principal Designation - Assign qualified supervisors per FINRA requirements
- Exception Escalation - Define escalation paths for flagged outputs
- Supervision Evidence - Maintain review logs for regulatory examination
Key Configuration Points
- Create WSP addendum for AI agent supervision
- Configure Copilot Studio HITL: Enable generative answers review for Zone 3
- Set sampling rates: 100% for high-risk actions, statistical sampling for routine
- Designate qualified principals (Series 24 for BD, Series 66 for RIA) as supervisors
- Configure Power Automate workflows for review queue management
- Implement escalation triggers for flagged content
- Archive supervision decisions with reviewer identity and timestamp
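The review-queue rules above (100% review of high-risk actions, pre-delivery HITL for Zone 3 customer responses, 10% sampling for Zone 2, spot-checks for Zone 1, and an archived decision carrying reviewer identity and timestamp) can be modelled in a few functions. The block below is an added illustration, not code from this control's playbooks or from Copilot Studio/Power Automate. The Zone 1 and Zone 3 routine sampling rates, the hash-based sampling scheme, the `AgentOutput` fields and the evidence record layout are assumptions; only the Zone 2 rate and the routing rules come from the page.

```python
"""Supervision review-queue routing with deterministic sampling and an
evidence record. Added example; rates other than Zone 2's 10% are assumed."""
import hashlib
import json
from dataclasses import dataclass
from datetime import datetime, timezone

# Sampling rates for routine (non-high-risk) outputs by zone.
# Zone 2's 10% is from the control text; Zone 1's 2% and Zone 3's 25% are
# assumed stand-ins for "periodic spot-check" and "statistical sampling".
ROUTINE_SAMPLING_RATE = {1: 0.02, 2: 0.10, 3: 0.25}


@dataclass(frozen=True)
class AgentOutput:  # assumed shape of an agent output awaiting supervision
    output_id: str
    agent_id: str
    zone: int
    customer_facing: bool
    high_risk: bool
    content: str


def sampled_for_review(output_id, rate, period="2026-Q1"):
    """Deterministic sampling: hash the output id with a period salt and map the
    digest to a fraction in [0, 1). An auditor can recompute exactly which
    outputs the protocol selected, which is the Rule 3120 evidence question."""
    digest = hashlib.sha256(f"{period}:{output_id}".encode()).digest()
    fraction = int.from_bytes(digest[:8], "big") / 2**64
    return fraction < rate


def route(output):
    """Return the review mode: PRE_USE_HITL, POST_USE_SAMPLE or NONE."""
    if output.high_risk:
        return "PRE_USE_HITL"          # 100% review of high-risk actions
    if output.zone == 3 and output.customer_facing:
        return "PRE_USE_HITL"          # Zone 3: human review before delivery
    rate = ROUTINE_SAMPLING_RATE[output.zone]
    return "POST_USE_SAMPLE" if sampled_for_review(output.output_id, rate) else "NONE"


def record_decision(output, reviewer, decision, rationale, now=None):
    """Build the archived supervision record: reviewer identity, UTC timestamp,
    decision, and a content hash tying the reviewed text to the log entry."""
    if decision not in ("approve", "reject", "escalate"):
        raise ValueError("unknown decision")
    now = now or datetime.now(timezone.utc)
    return {
        "output_id": output.output_id,
        "agent_id": output.agent_id,
        "zone": output.zone,
        "review_mode": route(output),
        "reviewer": reviewer,
        "decision": decision,
        "rationale": rationale,
        # Anything other than an approval goes to the escalation path
        "escalation_required": decision != "approve",
        "content_sha256": hashlib.sha256(output.content.encode()).hexdigest(),
        "reviewed_at": now.isoformat(),
    }


def sampling_rate_observed(output_ids, rate):
    """Fraction of the given ids the protocol selects; this is the evidence
    that the configured sampling rate is actually met."""
    chosen = sum(sampled_for_review(i, rate) for i in output_ids)
    return chosen / len(output_ids)


if __name__ == "__main__":
    # Constructed sample outputs (not real agent traffic)
    outputs = [
        AgentOutput("out-1", "agent-kyc", 3, True, False, "Your account summary is ..."),
        AgentOutput("out-2", "agent-ops", 2, False, True, "Initiate wire transfer ..."),
        AgentOutput("out-3", "agent-faq", 2, False, False, "Our branch hours are ..."),
    ]
    for o in outputs:
        print(o.output_id, "->", route(o))
    record = record_decision(outputs[0], "principal@example.com", "reject",
                             "missing required risk disclosure")
    print(json.dumps(record, indent=2))
    ids = [f"out-{i}" for i in range(2000)]
    print("observed Zone 2 rate:", round(sampling_rate_observed(ids, 0.10), 3))
```

Keying the sample on a per-period salt means the selection can be regenerated during the Rule 3120 annual test without storing a random seed, and changing the period prevents a reviewer from predicting which future outputs will be sampled.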
Automation Available
See FINRA Supervision Workflow in FSI-AgentGov-Solutions for automated supervision queue management with SLA tracking, escalation workflows, and audit trail generation supporting FINRA Rule 3110 compliance.
Zone-Specific Requirements
| Zone | Requirement | Rationale |
|---|---|---|
| Zone 1 (Personal) | Self-service with periodic spot-check; annual WSP acknowledgment | Low external impact, minimal supervision needed |
| Zone 2 (Team) | Owner-level supervision; 10% sampling; documented review process | Shared agents warrant structured oversight |
| Zone 3 (Enterprise) | Principal supervision; HITL for high-risk; statistical sampling; real-time monitoring | Customer-facing agents require maximum supervisory controls |
Roles & Responsibilities
| Role | Responsibility |
|---|---|
| Compliance Officer | Define WSPs, designate supervisors, validate regulatory alignment |
| Designated Principal | Execute supervisory review, approve/reject flagged outputs |
| AI Governance Lead | Configure HITL settings, manage review workflows |
| Agent Owner | Ensure agent complies with supervision requirements |
Related Controls
| Control | Relationship |
|---|---|
| 2.6 - Model Risk Management | Supervision is a component of the MRM framework |
| 1.7 - Audit Logging | Supervision events captured in audit logs |
| 3.4 - Incident Reporting | Supervision failures trigger incident process |
| 2.13 - Documentation | WSPs maintained per record-keeping requirements |
AI Agent Autonomy Levels (2026 Oversight Report Guidance)
The FINRA 2026 Annual Regulatory Oversight Report emphasizes that firms must define and supervise AI agent autonomy levels. Different autonomy levels require different supervisory approaches. The Report notes that agentic AI systems with varying autonomy levels require supervisory procedures tailored to the degree of autonomy—fully autonomous agents executing actions without human approval require more stringent supervisory controls than agents that only recommend actions.
| Autonomy Level | Description | Supervision Requirement | Zone Applicability |
|---|---|---|---|
| Recommend-Only | Agent provides recommendations; human approves all actions | Post-use review acceptable (Rule 3110) | Zone 1-2 |
| Semi-Autonomous | Agent executes routine actions; human approval for material decisions | Pre-approval workflows for material thresholds | Zone 2-3 |
| Fully Autonomous | Agent executes all actions within scope | Real-time monitoring + exception alerting mandatory | Zone 3 with exceptional controls |
Autonomous Agents and Zone 3
Fully autonomous agents (self-directing without human approval) are not recommended for Zone 3 customer-facing deployments in financial services. The FINRA 2026 Report emphasizes that FINRA expects human oversight of AI-assisted customer interactions.
Updated February 2026
FINRA 2026 oversight priorities emphasize that fully autonomous agents require dedicated supervisory procedures beyond traditional supervision frameworks.
Autonomy Classification Requirements
- Document autonomy level in agent governance records
- Map autonomy to supervision procedures in WSPs
- Configure HITL thresholds appropriate to autonomy level
- Test autonomy limits per Rule 3120 annual requirements
FINRA Rule 2210 Communication Classifications
FINRA Rule 2210 distinguishes communication types with different supervision requirements. AI agent outputs must be classified correctly:
| Communication Type | Definition | Supervision Requirement | AI Agent Impact |
|---|---|---|---|
| Correspondence | To 25 or fewer retail investors within 30 days | Post-use review acceptable | Zone 2 agents may qualify |
| Retail Communication | To more than 25 retail investors within 30 days | Pre-use principal approval required | Zone 3 agents typically fall into this category |
| Institutional Communication | To institutional investors only | Internal procedures | Reduced supervision burden |
Zone 3 Classification Critical
If an AI agent's output could reach more than 25 retail investors within any 30-day period, it likely qualifies as a Retail Communication requiring pre-use principal approval. Err on the side of stricter classification.
Classification Decision Tree
1. Who is the audience?
   - Institutional only → Institutional Communication
   - Includes retail → Continue to step 2
2. How many retail investors in 30 days?
   - ≤25 → Correspondence (post-use review OK)
   - >25 → Retail Communication (pre-use approval required)
3. Agent zone classification?
   - Zone 1: Personal use, not shared externally
   - Zone 2: May generate Correspondence if audience limited
   - Zone 3: Assume Retail Communication; configure HITL pre-approval
See: FINRA Rule 2210
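The classification decision tree and the "more than 25 retail investors within any 30-day period" test above can be checked mechanically against an agent's delivery log, which is the part teams most often get wrong: the count is of distinct retail recipients across a rolling window, not a per-day total. The block below is an added example, not code from this control or from FINRA; the delivery-log tuple shape, the interpretation of the window as any 30 consecutive calendar days, and the `synthetic_deliveries` helper are assumptions.

```python
"""FINRA Rule 2210 classification check over an agent delivery log.
Added example; log format and rolling-window interpretation are assumed."""
from datetime import date, timedelta

RETAIL_THRESHOLD = 25   # "more than 25 retail investors" triggers Retail Communication
WINDOW_DAYS = 30        # assumption: any 30 consecutive calendar days


def max_retail_reach(deliveries):
    """Largest number of distinct retail recipients reached in any 30-day window.

    deliveries: iterable of (delivery_date, recipient_id, investor_type), where
    investor_type is "retail" or "institutional". Repeated deliveries to the
    same recipient count once.
    """
    retail = {(d, r) for d, r, kind in deliveries if kind == "retail"}
    if not retail:
        return 0
    best = 0
    # Any maximal window can be shifted to start on a delivery day, so only
    # those starting points need to be examined.
    for start in sorted({d for d, _ in retail}):
        end = start + timedelta(days=WINDOW_DAYS - 1)
        reached = {r for d, r in retail if start <= d <= end}
        best = max(best, len(reached))
    return best


def classify(deliveries, zone):
    """Return (classification, supervision requirement) following the decision tree."""
    if zone == 3:
        # Step 3: Zone 3 assumes Retail Communication with HITL pre-approval
        return ("Retail Communication", "pre-use principal approval (HITL)")
    # Step 1: audience
    if not any(kind == "retail" for _, _, kind in deliveries):
        return ("Institutional Communication", "internal procedures")
    # Step 2: distinct retail investors in any 30-day window
    if max_retail_reach(deliveries) <= RETAIL_THRESHOLD:
        return ("Correspondence", "post-use review")
    return ("Retail Communication", "pre-use principal approval")


def synthetic_deliveries(n, iso_day, prefix="r", kind="retail"):
    """Constructed log entries: n distinct recipients delivered on one day."""
    day = date.fromisoformat(iso_day)
    return [(day, f"{prefix}{i}", kind) for i in range(n)]


if __name__ == "__main__":
    # Constructed sample: 20 retail recipients on Jan 5, 10 more on Jan 20.
    # Each day is under the threshold, but the 30-day window reaches 30.
    log = synthetic_deliveries(20, "2026-01-05") + synthetic_deliveries(10, "2026-01-20", "s")
    print("max 30-day retail reach:", max_retail_reach(log))
    print("Zone 2 classification:", classify(log, zone=2))
    print("Zone 3 classification:", classify(log, zone=3))
    print("Institutional only:", classify(synthetic_deliveries(5, "2026-01-05", "i", "institutional"), zone=2))
```

Running the check over a real delivery log before each review cycle turns the "err on the side of stricter classification" advice into a verifiable control: a Zone 2 agent whose reach crosses the threshold is reclassified and routed to pre-use approval rather than discovered at examination.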
Rule 3120 Annual Testing Requirements
FINRA Rule 3120 requires firms to test and verify their supervisory control systems annually. For AI agent governance, this includes testing that AI supervision controls function as designed.
Annual Testing Checklist
| Test Area | Frequency | Evidence Required |
|---|---|---|
| WSP Adherence | Annual | Documented testing results showing procedures are followed |
| HITL Functionality | Annual | Test cases with pass/fail results for review queue |
| Escalation Procedures | Annual | Simulated escalation logs showing proper routing |
| Review Queue Performance | Annual | Queue audit showing timely reviews within SLA |
| Sampling Protocol Execution | Annual | Evidence that sampling rates are met |
| Supervisor Qualifications | Annual | Verification that designated principals maintain required registrations |
Testing Methodology
- Design Effectiveness: Verify WSPs adequately address AI agent supervision risks
- Operating Effectiveness: Test that controls operate as designed throughout the year
- Exception Handling: Verify exceptions are identified, escalated, and resolved
- Documentation: Maintain testing evidence for examination (3+ years)
Examination Focus
The FINRA 2026 Annual Regulatory Oversight Report emphasizes that examiners will assess whether firms have tested their AI supervisory controls per Rule 3120. Undocumented testing is treated as no testing.
See: FINRA Rule 3120
Entra Agent ID Sponsorship Alignment
Preview Feature - Frontier Program
The Microsoft Entra Agent ID sponsorship model is in preview via Microsoft's Frontier program. This feature provides identity governance capabilities that align with FINRA 3110 supervision requirements. Verify feature availability and GA timelines before implementing production controls dependent on this capability.
February 2026 Status: As of early 2026, Entra Agent ID and Conditional Access policies targeting non-human agent identities remain in Preview. The Agent 365 Unified Control Plane and Observability also remain in preview. Organizations should assess preview limitations before deploying in production. Observability integration for supervision evidence collection (linking agent behavior logs to sponsorship attestation) is expected to mature as the control plane reaches GA.
Supervision Through Sponsorship
Microsoft Entra Agent ID introduces a human sponsorship model for AI agent identities (Agentic Users). Every agent identity requires a designated human sponsor who serves as the agent's supervisor throughout its lifecycle. This model aligns naturally with FINRA Rule 3110's requirement for designated supervisors and written supervisory procedures.
How Sponsorship Aligns with FINRA 3110:
The sponsor serves as the designated supervisor for the agent's lifecycle — analogous to the "qualified principal" requirement in FINRA 3110. Key alignment points:
- Human accountability for agent actions — Every agent has an identifiable human sponsor responsible for oversight
- Lifecycle governance with separation of duties — Sponsors cannot delete agents, enforcing maker/checker separation that helps prevent evidence destruction (supporting FINRA 4511 record-keeping requirements)
- Departure notification workflows — Entra Lifecycle Workflows send notifications when a sponsor leaves the organization but do not auto-reassign sponsorship by default; automatic reassignment requires custom workflow extensions
- Periodic attestation and access reviews — Re-attestation workflows align with FINRA 3110's periodic supervisory review obligations
- Audit trail of sponsorship decisions — All sponsorship assignments, transfers, and attestations are logged in Entra audit logs for examination readiness
FINRA 3110 Sponsorship Mapping
| FINRA 3110 Requirement | Entra Agent ID Capability | Implementation |
|---|---|---|
| Designated supervisor | Human sponsor required for every agent identity | Assign sponsor at agent identity creation; sponsor must exist before agent can be deployed |
| Written supervisory procedures (WSPs) | Lifecycle workflows enforce sponsorship governance | Configure review workflows in Entra ID Governance; document procedures in WSP addendum |
| Periodic supervisory review | Access reviews and re-attestation workflows | Configure quarterly sponsor attestation; reviewer confirms agent still serves business purpose and operates within approved scope |
| Supervisor reassignment on departure | Lifecycle departure workflows | Notification triggered on sponsor termination; backup sponsor must be manually assigned or automated via custom workflow extensions |
| Separation of duties | Sponsor cannot delete agents | Built-in role restriction prevents sponsor from destroying evidence; requires separate admin role for deletion |
| Supervision audit trail | Entra audit logs capture all sponsorship events | Logs include sponsor assignments, attestations, workflow triggers, and access reviews for regulatory examination |
Implementation Considerations
Zone-Specific Sponsorship Requirements:
- Zone 1 (Personal): Sponsorship optional; self-service agents with minimal supervision
- Zone 2 (Team): Sponsorship recommended; team lead serves as sponsor with documented review process
- Zone 3 (Enterprise): Sponsorship required; designated principal serves as sponsor with quarterly attestation
Sponsorship vs. Other Supervision Controls:
Sponsorship provides lifecycle and identity governance. It complements (does not replace) other supervision controls documented in this control:
- Human-in-the-Loop (HITL) — Real-time review of agent outputs before delivery to customers
- Sampling protocols — Statistical review of agent communications for quality and compliance
- Exception escalation — Risk-based triggers that escalate concerning outputs to supervisors
Use sponsorship to establish who is accountable for the agent. Use HITL, sampling, and escalation to supervise what the agent does.
Cross-References:
- See Agent 365 Architecture for unified governance context and sponsorship integration with Agent 365 control plane
- See Agent Identity Architecture for detailed sponsorship governance procedures, lifecycle workflows, and Zone-specific attestation requirements
Implementation Playbooks
Step-by-Step Implementation
This control has detailed playbooks for implementation, automation, testing, and troubleshooting:
- Portal Walkthrough — Step-by-step portal configuration
- PowerShell Setup — Automation scripts
- Verification & Testing — Test cases and evidence collection
- Troubleshooting — Common issues and resolutions
Verification Criteria
Confirm control effectiveness by verifying:
- WSP addendum documents AI agent supervision requirements per FINRA 3110 and SEC 17a-4
- HITL configuration enabled in Copilot Studio for Zone 3 agents
- Designated supervisors have appropriate registrations/qualifications
- Review queue functions correctly with escalation routing
- Supervision log captures reviewer decisions with timestamps for regulatory examination
Additional Resources
FINRA Guidance:
- FINRA Rule 3110: Supervision — Primary supervision rule
- FINRA Rule 3120: Supervisory Control System — Testing and verification of supervisory procedures
- FINRA Regulatory Notice 24-09: Gen AI and LLM Guidance — Official guidance on AI supervision obligations
- FINRA 2026 Annual Regulatory Oversight Report — Most comprehensive AI agent supervision guidance (December 2025)
- FINRA Notice 25-07: Workplace Modernization (RFC - Request for Comment) — Addresses workplace rules, not AI governance
- FINRA Communications FAQ D.8 — Firms are responsible for AI-generated communications
Microsoft Learn:
Updated: February 2026 | Version: v1.3 | UI Verification Status: Current